CVE-2008-1981

Loading...

General

Score:6.8/10.0
Severity:Medium
Category:Bounce Attack

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Published on 27/04/08 - Updated on 08/08/17

Description

Cross-site request forgery (CSRF) vulnerability in E-Publish 5.x before 5.x-1.1 and 6.x before 6.x-1.0 beta1, a Drupal module, allows remote attackers to perform unauthorized actions as other users via unspecified vectors.

Category: Bounce Attack

CWE-352 (Cross-Site Request Forgery (CSRF))
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

Security Notices

US National Vulnerability DatabaseCVE-2008-1981

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
drupale-publish

Share this vulnerability with:

Twitter Facebook LinkedIn Mail